summaryrefslogtreecommitdiffstats
path: root/jeschli/5pkgs
diff options
context:
space:
mode:
Diffstat (limited to 'jeschli/5pkgs')
-rw-r--r--jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix40
-rw-r--r--jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix40
-rw-r--r--jeschli/5pkgs/firefox/dark-reader/default.nix28
-rw-r--r--jeschli/5pkgs/firefox/default.nix18
-rw-r--r--jeschli/5pkgs/firefox/firefox-with-config.nix488
-rw-r--r--jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix40
-rw-r--r--jeschli/5pkgs/firefox/hopper/default.nix45
-rw-r--r--jeschli/5pkgs/firefox/https-everywhere/default.nix29
-rw-r--r--jeschli/5pkgs/firefox/pyocclient/default.nix26
-rw-r--r--jeschli/5pkgs/firefox/rmount/default.nix34
-rw-r--r--jeschli/5pkgs/firefox/ublock-origin/default.nix28
-rw-r--r--jeschli/5pkgs/firefox/user-agent-switcher/default.nix40
-rw-r--r--jeschli/5pkgs/firefox/webgl-fingerprint-defender/default.nix40
-rw-r--r--jeschli/5pkgs/firefox/wl-clipboard/default.nix25
14 files changed, 921 insertions, 0 deletions
diff --git a/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix
new file mode 100644
index 000000000..05815e132
--- /dev/null
+++ b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "audio-fingerprint-defender-${version}";
+ version = "0.1.3";
+
+ extid = "@audio-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi";
+ sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Audio context fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/audiocontext-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix
new file mode 100644
index 000000000..21b4b3f97
--- /dev/null
+++ b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "canvas-fingerprint-defender-${version}";
+ version = "0.1.5";
+
+ extid = "@canvas-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended";
+ sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Canvas fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/webgl-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/dark-reader/default.nix b/jeschli/5pkgs/firefox/dark-reader/default.nix
new file mode 100644
index 000000000..44f4f9054
--- /dev/null
+++ b/jeschli/5pkgs/firefox/dark-reader/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "dark-reader-${version}";
+ version = "4.8.1";
+
+ extid = "addon@darkreader.org";
+ signed = true;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi";
+ sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ install -D ${src} "$out/${extid}.xpi"
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing.";
+ homepage = https://github.com/darkreader/darkreader;
+ license = licenses.mit;
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/default.nix b/jeschli/5pkgs/firefox/default.nix
new file mode 100644
index 000000000..6ba4fec83
--- /dev/null
+++ b/jeschli/5pkgs/firefox/default.nix
@@ -0,0 +1,18 @@
+with import <stockholm/lib>;
+
+self: super:
+
+let
+ # This callPackage will try to detect obsolete overrides.
+ callPackage = path: args: let
+ override = self.callPackage path args;
+ upstream = optionalAttrs (override ? "name")
+ (super.${(parseDrvName override.name).name} or {});
+ in if upstream ? "name" &&
+ override ? "name" &&
+ compareVersions upstream.name override.name != -1
+ then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
+ else override;
+in
+
+ mapNixDir (path: callPackage path {}) ./.
diff --git a/jeschli/5pkgs/firefox/firefox-with-config.nix b/jeschli/5pkgs/firefox/firefox-with-config.nix
new file mode 100644
index 000000000..9be6250d7
--- /dev/null
+++ b/jeschli/5pkgs/firefox/firefox-with-config.nix
@@ -0,0 +1,488 @@
+{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config
+
+## various stuff that can be plugged in
+, flashplayer, hal-flash
+, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2
+, jrePlugin, icedtea_web
+, bluejeans, djview4, adobe-reader
+, google_talk_plugin, fribid, gnome3/*.gnome-shell*/
+, esteidfirefoxplugin ? ""
+, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow
+, udev
+, kerberos
+
+}:
+
+## configurability of the wrapper itself
+
+browser:
+
+let
+ wrapper =
+ { browserName ? browser.browserName or (builtins.parseDrvName browser.name).name
+ , name ? (browserName + "-" + (builtins.parseDrvName browser.name).version)
+ , desktopName ? # browserName with first letter capitalized
+ (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName)
+ , nameSuffix ? ""
+ , icon ? browserName
+ , extraPlugins ? []
+ , extraPrefs ? ""
+ , extraExtensions ? [ ]
+ , allowNonSigned ? false
+ , disablePocket ? false
+ , disableTelemetry ? true
+ , disableDrmPlugin ? false
+ , showPunycodeUrls ? true
+ , disableFirefoxStudies ? true
+ , disableFirefoxSync ? false
+ , useSystemCertificates ? true
+ , dontCheckDefaultBrowser ? false
+ # For more information about anti tracking
+ # vist https://wiki.kairaven.de/open/app/firefox
+ , activateAntiTracking ? true
+ , disableFeedbackCommands ? true
+ , disableDNSOverHTTPS ? true
+ , disableGoogleSafebrowsing ? false
+ , clearDataOnShutdown ? false
+ , homepage ? "about:blank"
+ # For more information about policies visit
+ # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
+ , extraPolicies ? {}
+ , extraNativeMessagingHosts ? []
+ , gdkWayland ? false
+ }:
+
+ assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
+
+ let
+
+ # If extraExtensions has been set disable manual extensions
+ disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false;
+
+ cfg = config.${browserName} or {};
+ enableAdobeFlash = cfg.enableAdobeFlash or false;
+ ffmpegSupport = browser.ffmpegSupport or false;
+ gssSupport = browser.gssSupport or false;
+ jre = cfg.jre or false;
+ icedtea = cfg.icedtea or false;
+ supportsJDK =
+ stdenv.hostPlatform.system == "i686-linux" ||
+ stdenv.hostPlatform.system == "x86_64-linux" ||
+ stdenv.hostPlatform.system == "armv7l-linux" ||
+ stdenv.hostPlatform.system == "aarch64-linux";
+
+ plugins =
+ assert !(jre && icedtea);
+ if builtins.hasAttr "enableVLC" cfg
+ then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins"
+ else
+ ([ ]
+ ++ lib.optional enableAdobeFlash flashplayer
+ ++ lib.optional (cfg.enableDjvu or false) (djview4)
+ ++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser)
+ ++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin
+ ++ lib.optional icedtea icedtea_web
+ ++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin
+ ++ lib.optional (cfg.enableFriBIDPlugin or false) fribid
+ ++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell
+ ++ lib.optional (cfg.enableBluejeans or false) bluejeans
+ ++ lib.optional (cfg.enableAdobeReader or false) adobe-reader
+ ++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin
+ ++ extraPlugins
+ );
+ nativeMessagingHosts =
+ ([ ]
+ ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass)
+ ++ lib.optional (cfg.enableBukubrow or false) bukubrow
+ ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell
+ ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator
+ ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration
+ ++ extraNativeMessagingHosts
+ );
+ libs = lib.optional stdenv.isLinux udev
+ ++ lib.optional ffmpegSupport ffmpeg
+ ++ lib.optional gssSupport kerberos
+ ++ lib.optionals (cfg.enableQuakeLive or false)
+ (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
+ ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
+ ++ lib.optional (config.pulseaudio or true) libpulseaudio;
+ gtk_modules = [ libcanberra-gtk2 ];
+
+ enterprisePolicies =
+ {
+ policies = {
+ DisableAppUpdate = true;
+ } // lib.optionalAttrs disableManualExtensions (
+ {
+ ExtensionSettings = {
+ "*" = {
+ blocked_install_message = "You can't have manual extension mixed with nix extensions";
+ installation_mode = "blocked";
+ };
+
+ } // lib.foldr (e: ret:
+ ret // {
+ "${e.extid}" = {
+ installation_mode = "allowed";
+ };
+ }
+ ) {} extraExtensions;
+ }
+ ) // lib.optionalAttrs disablePocket (
+ {
+ DisablePocket = true;
+ }
+ ) // lib.optionalAttrs disableTelemetry (
+ {
+ DisableTelemetry = true;
+ }
+ ) // lib.optionalAttrs disableFirefoxStudies (
+ {
+ DisableFirefoxStudies = true;
+ }
+ ) // lib.optionalAttrs disableFirefoxSync (
+ {
+ DisableFirefoxAccounts = true;
+ }
+ ) // lib.optionalAttrs useSystemCertificates (
+ {
+ # Disable useless firefox certificate store
+ Certificates = {
+ ImportEnterpriseRoots = true;
+ };
+ }
+ ) // lib.optionalAttrs (
+ if lib.count (x: true) extraExtensions > 0 then true else false) (
+ {
+ # Don't try to update nix installed addons
+ DisableSystemAddonUpdate = true;
+
+ # But update manually installed addons
+ ExtensionUpdate = false;
+ }
+ ) // lib.optionalAttrs dontCheckDefaultBrowser (
+ {
+ DontCheckDefaultBrowser = true;
+ }
+ )// lib.optionalAttrs disableDNSOverHTTPS (
+ {
+ DNSOverHTTPS = {
+ Enabled = false;
+ };
+ }
+ ) // lib.optionalAttrs clearDataOnShutdown (
+ {
+ SanitizeOnShutdown = true;
+ }
+ ) // lib.optionalAttrs disableFeedbackCommands (
+ {
+ DisableFeedbackCommands = true;
+ }
+ ) // lib.optionalAttrs ( if homepage == "" then false else true) (
+ {
+ Homepage = {
+ URL = homepage;
+ Locked = true;
+ };
+ }
+ ) // extraPolicies ;} ;
+
+
+ extensions = builtins.map (a:
+ if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then
+ throw "Addon ${a.pname} needs boolean attribute 'signed' "
+ else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then
+ throw "Addon ${a.pname} needs a string attribute 'extid'"
+ else if a.signed == false && !allowNonSigned then
+ throw "Disable signature checking in firefox if you want ${a.pname} addon"
+ else a
+ ) extraExtensions;
+
+ policiesJson = builtins.toFile "policies.json"
+ (builtins.toJSON enterprisePolicies);
+
+ mozillaCfg = builtins.toFile "mozilla.cfg" ''
+ // First line must be a comment
+
+ // Remove default top sites
+ lockPref("browser.newtabpage.pinned", "");
+ lockPref("browser.newtabpage.activity-stream.default.sites", "");
+
+ // Deactivate first run homepage
+ lockPref("browser.startup.firstrunSkipsHomepage", false);
+
+ // If true, don't show the privacy policy tab on first run
+ lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
+
+ ${
+ if allowNonSigned == true then
+ ''lockPref("xpinstall.signatures.required", false)''
+ else
+ ""
+ }
+
+ ${
+ if showPunycodeUrls == true then
+ ''
+ lockPref("network.IDN_show_punycode", true);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if disableManualExtensions == true then
+ ''
+ lockPref("extensions.getAddons.showPane", false);
+ lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
+ lockPref("app.update.auto", false);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if disableDrmPlugin == true then
+ ''
+ lockPref("media.gmp-gmpopenh264.enabled", false);
+ lockPref("media.gmp-widevinecdm.enabled", false);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if activateAntiTracking == true then
+ ''
+ // Tracking
+ lockPref("browser.send_pings", false);
+ lockPref("browser.send_pings.require_same_host", true);
+ lockPref("network.dns.disablePrefetch", true);
+ lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
+ lockPref("browser.search.geoip.url", "");
+ lockPref("privacy.firstparty.isolate", true);
+ lockPref("privacy.userContext.enabled", true);
+ lockPref("privacy.userContext.ui.enabled", true);
+ lockPref("privacy.firstparty.isolate.restrict_opener_access", false);
+ lockPref("network.http.referer.XOriginPolicy", 1);
+ lockPref("network.http.referer.hideOnionSource", true);
+ lockPref(" privacy.spoof_english", true);
+
+ // This option is currently not usable because of bug:
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=1557620
+ // lockPref("privacy.resistFingerprinting", true);
+ ''
+ else ""
+ }
+ ${
+ if disableTelemetry == true then
+ ''
+ // Telemetry
+ lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
+ lockPref("browser.ping-centre.telemetry", false);
+ lockPref("devtools.onboarding.telemetry.logged", false);
+ lockPref("toolkit.telemetry.archive.enabled", false);
+ lockPref("toolkit.telemetry.bhrPing.enabled", false);
+ lockPref("toolkit.telemetry.enabled", false);
+ lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
+ lockPref("toolkit.telemetry.hybridContent.enabled", false);
+ lockPref("toolkit.telemetry.newProfilePing.enabled", false);
+ lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
+ lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
+ lockPref("dom.push.enabled", false);
+ lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
+ lockPref("security.ssl.errorReporting.enabled", false);
+ ''
+ else ""
+ }
+
+ ${
+ if disableGoogleSafebrowsing == true then
+ ''
+ // Google data sharing
+ lockPref("browser.safebrowsing.blockedURIs.enabled", false);
+ lockPref("browser.safebrowsing.downloads.enabled", false);
+ lockPref("browser.safebrowsing.malware.enabled", false);
+ lockPref("browser.safebrowsing.passwords.enabled", false);
+ lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
+ lockPref("browser.safebrowsing.malware.enabled", false);
+ lockPref("browser.safebrowsing.phishing.enabled", false);
+ lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
+ lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
+ ''
+ else ""
+ }
+
+ // User customization
+ ${extraPrefs}
+ '';
+ in stdenv.mkDerivation {
+ inherit name;
+
+ desktopItem = makeDesktopItem {
+ name = browserName;
+ exec = "${browserName}${nameSuffix} %U";
+ inherit icon;
+ comment = "";
+ desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}";
+ genericName = "Web Browser";
+ categories = "Application;Network;WebBrowser;";
+ mimeType = stdenv.lib.concatStringsSep ";" [
+ "text/html"
+ "text/xml"
+ "application/xhtml+xml"
+ "application/vnd.mozilla.xul+xml"
+ "x-scheme-handler/http"
+ "x-scheme-handler/https"
+ "x-scheme-handler/ftp"
+ ];
+ };
+
+ nativeBuildInputs = [ makeWrapper lndir ];
+ buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
+
+ buildCommand = lib.optionalString stdenv.isDarwin ''
+ mkdir -p $out/Applications
+ cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
+ rm -f $out${browser.execdir or "/bin"}/${browserName}
+ '' + ''
+
+ # Link the runtime. The executable itself has to be copied,
+ # because it will resolve paths relative to its true location.
+ # Any symbolic links have to be replicated as well.
+ cd "${browser}"
+ find . -type d -exec mkdir -p "$out"/{} \;
+
+ find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
+
+ find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
+ cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
+ chmod a+rwx "$out/$f"
+ done
+
+ # fix links and absolute references
+ cd "${browser}"
+
+ find . -type l -print0 | while read -d $'\0' l; do
+ target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
+ ln -sfT "$target" "$out/$l"
+ done
+
+ # This will not patch binaries, only "text" files.
+ # Its there for the wrapper mostly.
+ cd "$out"
+ ${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
+
+ # create the wrapper
+
+ executablePrefix="$out${browser.execdir or "/bin"}"
+ executablePath="$executablePrefix/${browserName}"
+
+ if [ ! -x "$executablePath" ]
+ then
+ echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
+ exit 1
+ fi
+
+ if [ ! -L "$executablePath" ]
+ then
+ # Careful here, the file at executablePath may already be
+ # a wrapper. That is why we postfix it with -old instead
+ # of -wrapped.
+ oldExe="$executablePrefix"/".${browserName}"-old
+ mv "$executablePath" "$oldExe"
+ else
+ oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
+ fi
+
+
+ makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
+ --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
+ --suffix LD_LIBRARY_PATH ':' "$libs" \
+ --suffix-each GTK_PATH ':' "$gtk_modules" \
+ --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
+ --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
+ --suffix PATH ':' "$out${browser.execdir or "/bin"}" \
+ --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
+ --set MOZ_SYSTEM_DIR "$out/lib/mozilla" \
+ ${lib.optionalString gdkWayland ''
+ --set GDK_BACKEND "wayland" \
+ ''}${lib.optionalString (browser ? gtk3)
+ ''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
+ --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
+ ''
+ }
+
+ if [ -e "${browser}/share/icons" ]; then
+ mkdir -p "$out/share"
+ ln -s "${browser}/share/icons" "$out/share/icons"
+ else
+ for res in 16 32 48 64 128; do
+ mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps"
+ icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" )
+ if [ -e "$icon" ]; then ln -s "$icon" \
+ "$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png"
+ fi
+ done
+ fi
+
+ install -D -t $out/share/applications $desktopItem/share/applications/*
+
+ mkdir -p $out/lib/mozilla
+ for ext in ${toString nativeMessagingHosts}; do
+ lndir -silent $ext/lib/mozilla $out/lib/mozilla
+ done
+
+ # For manpages, in case the program supplies them
+ mkdir -p $out/nix-support
+ echo ${browser} > $out/nix-support/propagated-user-env-packages
+
+ # user customization
+ mkdir -p $out/lib/firefox
+
+ # creating policies.json
+ mkdir -p "$out/lib/firefox/distribution"
+
+ cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson}
+
+ # preparing for autoconfig
+ mkdir -p "$out/lib/firefox/defaults/pref"
+
+ cat > "$out/lib/firefox/defaults/pref/autoconfig.js" <<EOF
+ pref("general.config.filename", "mozilla.cfg");
+ pref("general.config.obscure_value", 0);
+ EOF
+
+ cat > "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg}
+
+ mkdir -p $out/lib/firefox/distribution/extensions
+
+ for i in ${toString extensions}; do
+ ln -s -t $out/lib/firefox/distribution/extensions $i/*
+ done
+ '';
+
+ preferLocalBuild = true;
+
+ # Let each plugin tell us (through its `mozillaPlugin') attribute
+ # where to find the plugin in its tree.
+ plugins = map (x: x + x.mozillaPlugin) plugins;
+ libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs;
+ gtk_modules = map (x: x + x.gtkModule) gtk_modules;
+
+ passthru = { unwrapped = browser; };
+
+ disallowedRequisites = [ stdenv.cc ];
+
+ meta = browser.meta // {
+ description =
+ browser.meta.description
+ + " (with plugins: "
+ + lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins))
+ + ")";
+ hydraPlatforms = [];
+ priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package
+ };
+ };
+in
+ lib.makeOverridable wrapper
diff --git a/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix
new file mode 100644
index 000000000..26751beef
--- /dev/null
+++ b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "font-fingerprint-defender-${version}";
+ version = "0.1.0";
+
+ extid = "@font-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi";
+ sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Font fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/font-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/hopper/default.nix b/jeschli/5pkgs/firefox/hopper/default.nix
new file mode 100644
index 000000000..569fc6aaf
--- /dev/null
+++ b/jeschli/5pkgs/firefox/hopper/default.nix
@@ -0,0 +1,45 @@
+{ stdenv, fetchurl, pkgs, makeWrapper, lib }:
+
+stdenv.mkDerivation rec {
+ name = "${pname}-${version}";
+ pname = "hopper";
+ version = "4.5.16";
+ rev = "v${lib.versions.major version}";
+
+ src = fetchurl {
+ url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz";
+ sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584";
+ };
+
+ sourceRoot = ".";
+
+ ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [
+libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib
+ ];
+
+ nativeBuildInputs = [ makeWrapper ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ mkdir -p $out/lib
+ mkdir -p $out/share
+ cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
+ cp -r $sourceRoot/opt/hopper-${rev}/lib $out
+ cp -r $sourceRoot/usr/share $out/share
+ patchelf \
+ --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
+ $out/bin/hopper
+ # Details: https://nixos.wiki/wiki/Qt
+ wrapProgram $out/bin/hopper \
+ --suffix LD_LIBRARY_PATH : ${ldLibraryPath} \
+ --suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins
+ '';
+
+ meta = {
+ homepage = "https://www.hopperapp.com/index.html";
+ description = "A macOS and Linux Disassembler";
+ license = stdenv.lib.licenses.unfree;
+ maintainers = [ stdenv.lib.maintainers.luis ];
+ platforms = stdenv.lib.platforms.linux;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/https-everywhere/default.nix b/jeschli/5pkgs/firefox/https-everywhere/default.nix
new file mode 100644
index 000000000..66fede43c
--- /dev/null
+++ b/jeschli/5pkgs/firefox/https-everywhere/default.nix
@@ -0,0 +1,29 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "https-everywhere-${version}";
+ version = "2019.6.27";
+
+ extid = "https-everywhere@eff.org";
+ signed = true;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi";
+ sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ install -D ${src} "$out/${extid}.xpi"
+
+ '';
+
+ meta = {
+ description = "Https everywhere browser addon";
+ homepage = https://www.eff.org/https-everywhere;
+ license = stdenv.lib.licenses.gpl2Plus;
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/pyocclient/default.nix b/jeschli/5pkgs/firefox/pyocclient/default.nix
new file mode 100644
index 000000000..cd91f6171
--- /dev/null
+++ b/jeschli/5pkgs/firefox/pyocclient/default.nix
@@ -0,0 +1,26 @@
+{ lib, python37Packages }:
+
+python37Packages.buildPythonPackage rec {
+ pname = "pyocclient";
+ version = "0.4";
+
+ src = python37Packages.fetchPypi {
+ inherit pname version;
+ sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q";
+ };
+
+ doCheck = false;
+
+ propagatedBuildInputs = with python37Packages; [
+ requests
+ six
+ ];
+
+ meta = with lib; {
+ homepage = https://github.com/owncloud/pyocclient/;
+ description = "Nextcloud / Owncloud library for python";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ };
+
+}
diff --git a/jeschli/5pkgs/firefox/rmount/default.nix b/jeschli/5pkgs/firefox/rmount/default.nix
new file mode 100644
index 000000000..22631f420
--- /dev/null
+++ b/jeschli/5pkgs/firefox/rmount/default.nix
@@ -0,0 +1,34 @@
+{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import <nixpkgs> {} }:
+with pkgs;
+
+stdenv.mkDerivation rec {
+ name = "rmount-${version}";
+ version = "1.0.1";
+ rev = "v${version}";
+
+ src = fetchgit {
+ rev = "9df124780d2e66f01c70afaecf92090669c5ffb6";
+ url = "https://github.com/Luis-Hebendanz/rmount";
+ sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2";
+ };
+
+ buildInputs = [ stdenv makeWrapper ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ mkdir -p $out/share/man/man1
+ cp ${src}/rmount.man $out/share/man/man1/rmount.1
+ cp ${src}/rmount.bash $out/bin/rmount-noenv
+ cp ${src}/config.json $out/share/config.json
+ chmod +x $out/bin/rmount-noenv
+
+ makeWrapper $out/bin/rmount-noenv $out/bin/rmount \
+ --prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]}
+ '';
+
+ meta = {
+ homepage = "https://github.com/Luis-Hebendanz/rmount";
+ description = "Remote mount utility which parses a json file";
+ license = stdenv.lib.licenses.mit;
+ };
+}
diff --git a/jeschli/5pkgs/firefox/ublock-origin/default.nix b/jeschli/5pkgs/firefox/ublock-origin/default.nix
new file mode 100644
index 000000000..002fa3efc
--- /dev/null
+++ b/jeschli/5pkgs/firefox/ublock-origin/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
<